SecurityGateway for Email Servers- Protection from External Threats

SecurityGateway for Email Servers performs a variety of security tests on inbound email messages, to block outside threats from gaining access to your system. Performing multiple tests on inbound messages helps ensure that spammers don't have a single point of entry which they can exploit.

AntiSpam

Heuristic and Bayesian Engines

SecurityGateway uses SpamAssassin for Heuristic rules and Bayesian classification to block over 99% of all spam.

DNS and URI Blacklists

Several DNS and URI Blacklist services, which maintain lists of servers known to relay spam, can be used to block mail from known spam sources.

Message Certification

Message Certification allows a third party to validate the trustworthiness of a sending server.

Greylisting

Greylisting delays inbound mail from unknown senders to discourage spam and can be customized using Sieve scripts.

Backscatter Protection

Backscatter Protection prevents users from receiving irritating bounce-back messages in response to messages they did not send.

Message Scoring

Message Scoring can be customized to fit each domain's needs - each domain can refuse, quarantine, or tag messages based on message scores.

AntiVirus

SecurityGateway includes flexible antivirus configuration options. Automatic updates can be performed at regular intervals, ensuring you have the most up-to-date antivirus protection. Messages with viruses can be refused or quarantined for review by the administrator on a per-domain basis.

Multiple AV Engines

Administrators have the flexibility to use multiple AV engines in addition to real-time virus and spam pattern analysis.

Threat Signature Updates

Because the threat landscape is constantly evolving, SecurityGateway can be configured to check for virus signature updates automatically as well as manually for immediate updates.

Zero-Hour Virus Outbreak Protection

Allows SecurityGateway to recognize spam or virus outbreaks almost immediately as they are released over the Internet.

Resulting analysis can detect outbreaks in "Zero-Hour" - much faster than traditional filter and signature based solutions that require detecting, defining, and disseminating new virus information.

Recurrent Pattern Detection (RPD) Technology

The part of Outbreak Protection that analyzes "patterns" associated with an email transmission and compares them to similar patterns collected from billions of email messages sampled daily, in real-time, from live Internet email traffic.

AntiSpoofing

Multiple techniques are used to verify a sender's address to prevent spammers from forging the origin of the message.

Reverse Lookups

Reverse Lookups can be used to tag or refuse messages if the sending mail server or email address is forged.

Callback Verification

Callback Verification allows SecurityGateway to verify that the sending email address is valid before accepting the message.

Email Authentication

Incorporates current authentication techniques used to validate and sign messages to minimize the receipt of possible spam messages.

DomainKeys Identified Mail (DKIM)

DKIM is a security technique that uses a digital "fingerprint," to identify possible tampering of messages. When SecurityGateway receives a message that has been signed with DKIM, it validates the DKIM signature upon receipt to confirm the signer's identity and to ensure the message was not tampered with during transit over the Internet.

Sender Policy Framework (SPF)

Sender Policy Framework uses the DNS system to verify that messages claiming to come from a particular domain were sent from mail hosts that are authorized to send on the domain's behalf.

DMARC enables domain owners to direct the actions to take when handling messages purporting to be from their domain but were not actually sent by them. SPF and DKIM lookups are performed on the purported sender's domain, and if a PASS result is not received for at least one of these queries, the sender's DMARC record provides instructions on how to handle these messages, such as whether to quarantine or reject the message.

AntiAbuse

Multiple techniques to allow legitimate mail in while preventing unauthorized access - all configurable on a per-domain basis.

Relay Control

Prohibits messages from being accepted or delivered if they are not to or from a local domain.

SMTP Authentication

SMTP authentication can be required - to ensure that the identity of message senders is known.

IP Shielding

Allows SecurityGateway to only accept mail from a domain if it matches a pre-defined domain/IP pair.

Dynamic Screening and DDoS

Bans senders based on their suspicious activity and prevents Distributed Denial of Service (DDoS) attacks. Dynamic Screening for failed SMTP authentication attempts work across sessions over time. The failed authentication count for an IP is reset at midnight, or when it is blocked and added to the Dynamic Screening list.

Tarpitting

Deliberately slows down sessions after a specified number of RCPT commands, to prevent abuse from a suspected spammer or bot.

Filtering

Minimize incoming and outgoing threats by blocking or quarantining messages based on content or types of file attachments.

Multiple Search Strings

May be defined for a single condition in which a user can specify if the condition must match any or all of the defined strings - useful for searching a message header or body against a list of keywords.

Message Content Filter

Allows the administrator to look for content within a message and take action based on the results.

Preset File Types

Allows the administrator to tell SecurityGateway to block all attached video files, images, or executable files with one click.

Attachment Filtering

Allows content filter rules and custom sieve scripts to perform actions based upon the content of an attachment. You can also exclude whitelisted senders, authenticated sessions, and domain mail servers from Attachment Filtering.

Blacklists

Blacklists allow you to block threats from known email abusers.

Blacklist Addresses

Match addresses by domain or email address.

Blacklist Hosts

Match by the host name given during the SMTP session.

Blacklist IPs

Match by connecting IP address.

Blacklist Actions

Allow the administrator to refuse or quarantine if a blacklist match occurs.

Whitelists

Speed up message processing through the identification of friendly senders.